X-Git-Url: http://git.vanrenterghem.biz/git.ikiwiki.info.git/blobdiff_plain/1e1e1f504609f97cad70d5dca964f8fb3cdfecaa..35460e3153286381a6019e5afd46b2880a95cb88:/ikiwiki-mass-rebuild?ds=inline diff --git a/ikiwiki-mass-rebuild b/ikiwiki-mass-rebuild index 1ec90b3c0..f13033e7f 100755 --- a/ikiwiki-mass-rebuild +++ b/ikiwiki-mass-rebuild @@ -2,6 +2,36 @@ use warnings; use strict; +sub supplemental_groups { + my $user=shift; + + my @list; + while (my @fields=getgrent()) { + if (grep { $_ eq $user } split(' ', $fields[3])) { + push @list, $fields[2]; + } + } + + return @list; +} + +sub samelists { + my %a=map { $_ => 1 } split(' ', shift()); + my %b=map { $_ => 1 } split(' ', shift()); + + foreach my $i (keys %b) { + if (! exists $a{$i}) { + return 0; + } + } + foreach my $i (keys %a) { + if (! exists $b{$i}) { + return 0; + } + } + return 1; +} + sub processline { my $user=shift; my $setup=shift; @@ -20,11 +50,14 @@ sub processline { defined(my $pid = fork) or die "Can’t fork: $!"; if (! $pid) { my ($uuid, $ugid) = (getpwnam($user))[2, 3]; - $)="$ugid $ugid"; + my $grouplist=join(" ", $ugid, sort {$a <=> $b} $ugid, supplemental_groups($user)); + if (! samelists(($)=$grouplist), $grouplist)) { + die "failed to set egid $grouplist (got back $))"; + } $(=$ugid; $<=$uuid; $>=$uuid; - if ($< != $uuid || $> != $uuid || $( != $ugid || $) ne "$ugid $ugid") { + if ($< != $uuid || $> != $uuid || $( != $ugid) { die "failed to drop permissions to $user"; } %ENV=(